Skip to main content

More right-solid
More right-solid
SHOW DETAILS
up-solid down-solid
eye
Title
Date Archived
Creator
In hardware security analysis, success and failure are predetermined by one's tools. Coping with overwhelming streams of data can be near impossible in software alone. Implementing accurate timing can also prove to be challenging without a custom logic implementation. The solution to many of these issues is offloading much of the work to purpose-built dedicated logic. In this talk we introduce Die Datenkrake (DDK) a low-cost open source hardware project for hardware reverse engineering that...
Topics: Recon, Recon 2013, Reverse Engineering
Community Video
movies
eye 281
favorite 0
comment 0
While Windows has been becoming a tighter and tighter ship with increased mitigations added each release, the local availability of kernel addresses has barely been addressed, except in the context of some ASLR bypasses in Windows 8. This presentation will collect many of the already-known info leaks in one single source, and then proceed by presenting some unknown and novel info leaks in the kernel. Other than documented and undocumented APIs to retrieve kernel pointers, we'll also take a look...
Topics: Recon, Recon 2013, Reverse Engineering, Alex Ionescu
This presentation is devoted to analysis one of the stealthiest bootkit seen in the wild – Win32/Gapz. The talk will cover not only remarkable features of the bootkit such as custom kernel-mode network protocol implementation, advanced bootkit technique and payload injection functionality but, also, the way the authors of the presentation approached the problem of analysis Win32/Gapz using the tools by Hex-Rays. The authors will demonstrate the usage of Hex-Rays decompiler SDK for building a...
Topics: Recon, Recon 2013, Reverse Engineering
Community Video
movies
eye 270
favorite 1
comment 0
In the world of digital storage, gone are the days of spinning platters and magnetic residue. These technologies have been replaced with electron trapping, small voltage monitoring and a lot of magic. These NAND devices are ubiquitous across our culture; from smart phones to laptops to USB memory sticks to GPS navigation devices. We carry many of these devices in our pockets daily without considering the security implications. The NAND-Xplore project is an attempt to explain how NAND Flash...
Topics: Recon, Recon 2013, Reverse Engineering
Community Video
movies
eye 142
favorite 0
comment 0
Checkpoint-Restart: Proprietary Hardware and the "Spiderweb API" This summary describes a package to transparently checkpoint and restart applications which run over Infiniband. Infiniband is rapidly growing as a high-speed interconnect, even appearing on departmental clusters. The current work grew out of the needs of high performance computing. As of November, 2010, 43% of the TOP500 supercomputers run Infiniband. However, the ability to checkpoint immediately provides access to a...
Topic: Recon 2011, Recon, Reverse Engineering, Infiniband
Community Video
Apr 27, 2012
movies
eye 571
favorite 0
comment 0
RFID Hacking In the last years RFID did become a ubiquitous part of our life. We are confronted daily with RFID applications in access control systems, as micro-payment, in electronic IDs and public transportation. Despite of the huge impact, still very little is known on many systems out there - questions on security and privacy features remain unanswered by most system vendors. This talks explains how black box RFID systems can be analyzed and reverse engineered to understand the protocols...
Topic: Recon, Milosch Meriac, RFID, RFID Hacking, Hacking, OpenPCD
Community Video
Apr 26, 2012 Recon
movies
eye 784
favorite 1
comment 0
Internet filtering Many countries in the world perform extensive network surveillance, filtering in the form of website blocking or protocol specific censorship; recently many networked authoritarian events in the Middle East/North Africa and across most of the world have come to light. During some specific political uprisings came increased invasive filtering events. I've run a series of tests in many of these countries, during these events with the specific purpose of identifying specific...
Topic: Recon, Jacob Appelbaum, Internet Censorship, Tor, Recon 2011,
Community Video
movies
eye 1,081
favorite 0
comment 0
The Dalvik Virtual Machine supports using Eclipse and JDB to enable developers to debug their Android applications; when used with decompiled sources, these tools become balky and clumsy, making reverse engineering Dalvik applications harder than it has to be. Scott Dunlop will unveil AndBug, a scriptable open source debugger targeting Dalvik applications intended to be used by reverse engineers to script breakpoints that can trace process flow and change state.
Topics: Recon, android, dalvik
Community Video
Aug 10, 2011 Recon
movies
eye 564
favorite 0
comment 0
(Bug: if the video is black use the QuickTime video instead) This presentation is about a remote kernel debugger leveraging the hardware virtualization facilities provided by modern processors. The hypervisor is loaded "on the fly" with DMA requests and allow to debug the target without rebooting. The client part leverages the metasm framework. This presentation is about a remote kernel debugger leveraging the hardware virtualization facilities provided by modern processors. This...
Topics: Recon, VirtDbg, Reverse Engineering
Community Video
movies
eye 344
favorite 0
comment 0
(Bug: if the video is black use the QuickTime video instead) Firmware and embedded software have already targets of choice in the past. In the same spirit, this talk will discuss about how an attacker can take advantages of a laptop's keyboard controller. The keyboard controller (KBC) or embedded controller (EC) is most often an unknown component of our laptop. It is an independent computation unit, alongside the main processor. Firmwares and embedded software have already targets of choice in...
Community Video
movies
eye 4,926
favorite 0
comment 0
(Bug: if the video is black use the QuickTime video instead) Reverse engineers have to analyze more and more code these days, be it is investigation of malware, software security assessment, or RE for interoperability. While plain C code is quite familiar by now, C++ offers new challenges with inheritance, virtual functions, exception handling and so on. I will describe the common problems encountered in C++ reversing and how to deal with them. We'll also see how to get nice readable code using...
Topic: Reverse Engineering, IDA, Recon, Decompilation
Community Video
movies
eye 1,031
favorite 0
comment 0
(Bug: if the video is black use the QuickTime video instead) Automated JTAG/serial scanning, building your own FLASH programmer, re-documenting IC's. Using arduino based scanning tools the techniques shown for hacking embedded devices should be accessible to anyone with basic programming skills. This talk will explain the workflow and toolkit to make analysis of nearly any device more accessible. Every layer of design in a device, from logic to software, requires a means for debugging. These...
Community Video
movies
eye 2,551
favorite 1
comment 0
This talk will be an introduction to doing "hardware stuff" stuff, for people accustomed to plying their trade against software. I will discuss how to build tools (and use existing tools) to sniff/spy on a variety of hardware communications channels from UART Serial (the kind in your computer) to the very ubiquitous SPI/I2C serial busses used in virtual everything (from EEPROM in your portable DVD player to the HDMI/VGA cables between your computer and monitor). I will demonstrate how...
Topics: Recon, Hardware, Reverse Engineering
Community Video
Apr 6, 2011 Recon
movies
eye 427
favorite 0
comment 0
The latest advances in exploitation of memory corruption vulnerabilities revolve around applying return-oriented exploitation techniques to evade non-executable memory protections such as Microsoft's Data Execution Prevention (DEP), CPU-supported non-executable memory (NX/XD), and mandatory code-signing such as on iPhone OS. Although the ideas behind these exploitation techniques can be traced quite far back, they are receiving more attention as non-executable memory protections become more...
Topics: recon_2010_dino_dai_zovi, Recon 2010, Mac OS X, exploitation, return-oriented exploitation
Community Video
movies
eye 789
favorite 0
comment 0
In a nutshell: 5ESS (include VCDX under emulation), demonstration using either the simulator and/or the 3B20/21 emulator. Demonstration of MCC pages and pokes, as well as useful CRAFT commands. RC/V (Recent Change/Verify). Talk about GRASP (the 5E/DMERT/UNIX-RTR debugger). Will talk about DMS SuperNode series of switches, from the basics (how to login and get to the Command Interpreter - CI), as well as MAPCI, the Table Editor, which tables are useful, adding to tables, as well as SERVORD (RC/V...
Topics: recon_2010_jonathan_stuart, Recon 2010, DMS, 5ESS, Datakit VCS II
Community Video
movies
eye 300
favorite 1
comment 0
Unpacking automation has been attacked in many different ways. In this paper we propose a new method based on the detection of unique characteristics in unpacked code. Using proper monitorization of the process it's possible to determine when the unpacking is done, even if multiple chained packers have been used. Bio Ero Carrera is currently Chief Research Officer of Collaborative Security at VirusTotal and a reverse engineering automation researcher at zynamics GmbH (was SABRE Security GmbH),...
Topics: recon_2010_ero_carrera_and_jose_duart, Recon 2010, Reverse Engineering, Packers, Unpacking,...
Community Video
movies
eye 393
favorite 0
comment 0
I find the stories that surround how lockpickers and researchers have been able to exploit weaknesses in some of the world's most secure and trusted locks to be fascinating. This talk will present, in detail, the tales of how three major physical security products were attacked: The Mul-T-Lock, Medeco, and Kwikset Smart Series. What to look for in locks and possible routes of attack against other popular high security products will then be discussed. Bio While paying the bills as a security...
Topics: recon_2010_deviant_ollam, Recon 2010, Reverse Engineering, Locks, Lock Picking
Community Video
movies
eye 292
favorite 0
comment 0
Swizzor is a malware family that was first seen on the Internet in 2002 and, since then, researchers have collected millions of different binary samples. The reason so many different files exist is that Swizzor uses strong server-side binary obfuscation to evade antivirus detection and slow down manual reverse engineering. In this talk, we will present a set of tools and techniques we have developed to understand and defeat Swizzor's binary protection. Upon execution, the custom packer goes...
Topics: recon_2010_pierre-marc_bureau_and_joan_calvet, Recon 2010, Reverse Engineering, Swizzor, Obfuscation
Community Video
movies
eye 609
favorite 1
comment 0
This talk will present a critical design flaw in the Windows KD (Kernel Debugger) protocol that is implemented in all Windows versions, as well as XBOX and Xbox 360, Windows CE, Singularity and some EFI/EXDI hardware. This flaw enables an attacker running in the target system to attack any host running a KD-compatible debugger, crossing machine isolation boundaries as well as VM boundaries, regardless of the virtualization product in use, be it VMWare or Virtual Box. This design flaw allows the...
Topics: recon_2010_alex_ionesco, Recon 2010, Reverse Engineering, Debugger, Windows, Cross-system Attacks,...
Community Video
movies
eye 554
favorite 0
comment 0
As reverse engineers and exploit writers we spend much of our time trying to illuminate the relationships between input data, executed paths and the values we see in memory/registers at a later point. This work can often be tedious, especially in the presence of extensive arithmetic/logical modification of input data and complex conditions. Using recent (and not so recent) advances in run-time instrumentation we can go a long way towards automating the process of tracking input data and its...
Topics: recon_2010_sean_heelan, Reverse Engineering, Recon 2010, Security, Taint Analysis, Theorem Proving,...
Community Video
movies
eye 304
favorite 0
comment 0
An incisive illumination of how the transformational engines of information technologies alter our religious structures, spiritual frameworks, and points of ethical reference even as we try to apply them to the new humanity, i.e. individuals and organizational structures all the way to the top of geo-political realities who are morphing as a result of their symbiotic relationship with those technologies. Not only what we see is changing but the lenses through which we see are changing too,...
Topics: Reverse Engineering, Recon, Recon 2010, Security, Ethics, Intelligence
Community Video
Jul 20, 2008 recon.cx
movies
eye 11,254
favorite 2
comment 1
RECON2008 T01 Pierre Marc Bureau How I learned Reverse Engineering with Storm.avi RECON2008 T02 Bruce Dang Methods for analyzing malicious Office documents.avi RECON2008 T03 Ilfak Guilfanov Building plugins for IDA Pro.avi RECON2008 T04 Thomas Garnier Windows privilege escalation through LPC and ALPC interfaces.avi RECON2008 T05 Nicolas Pouvesle NetWare kernel stack overflow exploitation.avi RECON2008 T06 Cameron Hotchkies Under the iHood.avi RECON2008 T07 Jason Raber Helikaon Linux Debuger.avi...
favoritefavoritefavoritefavoritefavorite ( 1 reviews )
Topics: Recon, Reverse Engineering, Conference, Montreal, Security
Community Video
Dec 31, 2006 Recon Conference
movies
eye 955
favorite 0
comment 0
In recent years, people have become more familiar with the term "social engineering", the use of deception or impersonation to gain unauthorised access to resources from computer networks to buildings. Does this mean that there are fewer successful social engineering attacks? Probably not. In fact, because computer security is becoming more sophisticated and more difficult to break (although this is still very possible) more and more people are resorting to social engineering...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Social Engineering
Community Video
Dec 31, 2006 Recon Conference
movies
eye 507
favorite 0
comment 0
Don't wait for your vendor to get around to it, fix bugs yourself! There is no need to wait for patches and new (possibly expensive) software upgrades. In many cases fixing bugs in binaries is easier and faster than in the source code. This is especially true considering the complexity of library dependencies and build environments. Some consider "cracking" software protection a form of patching bugs, that is not what this talk is about. It covers straightforward reverse engineering...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Bugs
Community Video
Dec 31, 2006 Recon Conference
movies
eye 516
favorite 0
comment 0
The amount of new malware being developed has increased at a staggering rate over the last couple of years. At the same time, executable packing technology has grown to provide malware authors with a myriad of choices in how they pack their malware to evade detection and analysis. This presents a growing problem to analysts who lack the time to learn how each packer works and can be unpacked, but still need to be able to quickly handle anything that comes their way. There are three conventional...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Unpacking
Community Video
Dec 31, 2006 Recon Conference
movies
eye 490
favorite 0
comment 0
This presentation talks about the fact and fiction of today's security devices. It explains how to approach testing the validly of their claims and provides multiple examples of real world products and their weaknesses. Rarely do security engineers look at network products from the creation point of view. Understanding how and why they are created and the limitations of that process can lead to finding security issues quite a bit quicker and easier. Bio Dennis Cox is the Chief Technical Officer...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security
Community Video
movies
eye 598
favorite 0
comment 0
In this presentation, we will introduce the new Linux Trace Toolkit Next Generation (LTTng) kernel tracer and its analysis counterpart, Linux Trace Toolkit Viewer (LTTV), a fully extensible text and graphical trace viewer. We will focus on how these tools can be used in the security field, particularly for reverse engineering. It can be very useful to reverse engineer a software "black box". It can be a driver, a library or a multithreaded application : the tracer can log every...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, LTT, Kernel, Tracing
Community Video
movies
eye 537
favorite 1
comment 0
This talk will go over advancements in the technology to circumvent measures put into place to prevent the age old internet pastime of annoying other people. Methods and tools will be presented for breaking audio and visual CAPTCHA systems, taking advantage of lazy registrant authentication, ruining the quality of collaborative content, and defeating spam filters even better than the spammers do and otherwise compromising usability, as well as a few other surprise demos. Bio Christopher Abad is...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Whales
Community Video
Dec 31, 2006 Recon Conference
movies
eye 693
favorite 0
comment 0
IDAPython has made a big splash, by embedding the python interpreter as an IDA plugin, and wrapping the IDA SDK for access from python code. I think this was a great idea to allow more rapid development of IDA plugins, and to help write advanced plugins easier. However, I found a few draw backs with IDAPython. Besides preferring a language besides python, I think the plugin architecture could be improved upon, and brought to be network based. I also think that building some higher level classes...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Ruby, IDA
Community Video
Dec 31, 2006 Recon
movies
eye 632
favorite 0
comment 0
The DMCA has been trying to stop the exchange/sharing of information. Specifically, they have tried to stop discussions regarding reverse code engineering and file sharing. Since reverse engineering is a critical part of software development, I will try to explain why the DMCA rules are faulty in regards to reverse code engineering and search engines that provide links to infringing material. Bio Protector of RCE information
Topics: Recon, Reverse Engineering, Conference, Montreal, Security
Community Video
movies
eye 623
favorite 0
comment 0
Windows 2003 Service Pack 1 introduces new features into the kernel which protect against previous methods of accessing kernel memory from user mode without the usage of a driver. For example, both the usage of the DevicePhysicalMemory section as well as of the ZwSystemDebugControl APIs has now been completely blocked, meaning that editing kernel memory through physical addresses, installing a callgate or using IDT modifications are not possible methods of violating the ring privilege level....
Topics: Recon, Reverse Engineering, Conference, Montreal, Security
Community Video
Nov 27, 2006 Recon Conference
movies
eye 1,077
favorite 1
comment 0
Breaking WPA-PSK is possible with coWPAtty, but trying to do so onsite can be time consuming and boring. All that waiting around for things to be computed each and every time we want to check for dumb and default passwords. Well, we're impatient and like to know the password NOW! Josh Wright has recently added support for precomputed tables to coWPAtty -- but how do you create a good set of tables and not have it take 70 billion years? h1kari has implemented the time consuming PBKDF2 step of...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Wifi, Wireless, FPGA, WPA, WEP
Community Video
movies
eye 515
favorite 0
comment 0
This presentation will be about a virus/worm framework which takes advantage of the abundance of NOP-areas produced by modern compilers in executables. The virus is bound to the x86 CPU architecture (with the possibility of porting it to other CISC architectures); however, a key feature of this infection vector is that the virus is operaing system independent. The majority of my work so far has been done on GNU/Linux but tests have been run on Windows XP, NetBSD and FreeBSD. Future targets...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Virus
Community Video
movies
eye 3,438
favorite 1
comment 0
Reversers, and more specifically web-seekers, are a strange bunch of 'matter of fact' fellows: their most peculiar endowment is the capacity of reversing realities around them... red As a consequence -among many others- they don't buy any advertisement hype (in fact they don't buy advertisements in general), and they don't trust any commercial enterprise, knowing very well that people bent on making money out of the web have no intention whatsoever of spreading knowledge without having seen...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Searching, Google, Searchlores, Fravia
Community Video
movies
eye 2,087
favorite 0
comment 0
Skype is a free (as in beer) voice over IP application. Many other VOIP applications exist, but some specific points make Skype very different, such as its peer-to-peer architecture, its ease to bypass firewalls and, last but not least, the impressive level of obfuscation that has been invested to prevent anybody from looking inside the software and its communications. This last point added to its increasing success gave birth to many myths on security issues around it. This presentation will...
Topics: Recon, Skype, Reverse Engineering, Conference, Montreal, Security
Community Video
Nov 17, 2006 Recon 2006
movies
eye 1,369
favorite 1
comment 0
Many security systems are beginning to rely on hardware-based techniques to raise the difficulty of attacking a system. As a result, a basic understanding of circuit boards and what they mean can often times be helpful. In this session, bunnie will introduce the topic of reading and understanding circuit boards. We will learn what the basic components look like, and how to determine their function in a circuit. We will then quickly ascend to taking a higher-level approach toward systems and...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Hardware
Community Video
Nov 17, 2006 Recon 2006
movies
eye 508
favorite 0
comment 0
Static source code analysis has evolved rapidly in the past few years into a powerful developmental aid. However, many developers' perceptions of static analysis are incorrect. Analysis techniques are more advanced than many people realize, but also not the magic bullet many hope for. Successful utilization and integration of static analysis requires understanding its possibilities and limits. This talk is primarily targeted at security concious software developers and consultants. It's...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Static Analysis
Community Video
movies
eye 1,203
favorite 1
comment 0
There are a slew of languages, tools, interfaces and file formats for various reverse engineering tasks. Making tools play nice together and deciding how to develop new tools is a cumbersome process. The goal of the framework is to reduce the time from "idea" to prototype to a matter of minutes, instead of days. PaiMei was created for personal use and after much debate it was decided to release the majority of the toolkit to the public. This presentation will introduce PaiMei, discuss...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Framework, Python, OpenRCE
Community Video
movies
eye 1,210
favorite 0
comment 0
Michael Sutton - Fuzzing - Brute Force Vulnerability Discovery This presentation will introduce fuzzing and discuss how it can be applied to different classes of vulnerabilities. We will begin by looking at fuzzing from an academic perspective. Most importantly, newly developed open source tools will be demonstrated and released publicly. Two primary audiences will be attracted to this presentation; those wishing to discover vulnerabilities through fuzzing and those who wish to protect against...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, Fuzzing, Fuzz, Vulnerability
Community Video
movies
eye 1,896
favorite 0
comment 0
One of the applications of reverse engineering in computer security is the analysis of operating systems and software for which no source code is available. Most commonly the target is Microsoft Windows, and the goal is to find new 0-day vulnerabilities or to understand the full impact of old bugs. Reverse engineering Microsoft software presents numerous challenges. Based on his experience with reversing all Microsoft patches from the last 6 months, the speaker will present a number of...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security
Community Video
movies
eye 1,055
favorite 0
comment 0
Adam Shostack was once Most Evil Genius for Zero Knowledge systems. He is now coordinating a project to set up anonymous blogs for people in repressive nations, and would like to tell the folks attending Recon about it, and get some of them involved. Bio Adam Shostack is a technologist, startup veteran and regular public speaker. He has published papers on the security, privacy, as well as economics, copyright and trust.
Topic: Recon,Conference,Security,Anonymity,Anonymous,Blogging,Adam Shostack
Community Video
movies
eye 977
favorite 0
comment 0
The objective of the talk is to understand the common problems when developing code written in C/C++. It can be used as starting point to identify security problems when writing applications. The overall focus will be on the prevention of security vulnerabilities and the implementation of technical countermeasures. Reviewing code to find vulnerabilities is becoming more and more common. Reviewing code is not only useful from a developers point of view but also from an attacker's point of view....
Topic: Recon,Security,Auditing,Source Code,Conference
Community Video
Jan 11, 2006
movies
eye 819
favorite 0
comment 0
Recon 2005 Keynote speach (http://recon.cx) by Ryan Russell
Topic: recon,Security,Reverse Engineering,Conference
Community Video
Jan 11, 2006
movies
eye 1,706
favorite 0
comment 0
Reverse engineering panel at Recon 2005(http://recon.cx)
Topic: Recon,Security,Reverse Engineering,Conference
Community Video
movies
eye 766
favorite 0
comment 0
The Winsock SPI, or Service Provider Interface, has been a part of Winsock since the advent of version 2.0. It enables providers to extend the Winsock API transparently, by installing their own hooks and chains to application API calls. However, its formidable capabilities are not put to widespread use... aside from spyware. This lecture begins with a brief overview of the Windows TCP/IP Stack - reviewing the terminology, From NDIS to Winsock 2. We then delve further to explore Winsock,...
Topic: Recon,Security,Conference,Winsock
Community Video
movies
eye 439
favorite 0
comment 0
IDS Analysts today - as well as anyone else trying to parse large volumes of information - have a significant problem dealing with issues of context and correlation. Looking at thousands of lines of text just doesn't do it for them. Keeping all of the relevant details of the traffic in your head at once is just not efficient (or, in many cases, possible). Visualizing IDS events (as a solution to this problem) is often attempted but never really seems to catch on. This talk will explain some of...
Topic: Recon,Security,Conference,IDS,visual analysi
Community Video
movies
eye 790
favorite 1
comment 0
`Proximity cards' are commonly used as high-tech replacements for magstripe cards or metal keys: you hold the card within a few inches of the reader, and the door clicks open. They are interesting because they are routinely used to control access to property or services. These cards contain electronic circuitry that authenticates them to the reader using a radio link. Many such systems are designed with no security at all. This means that the only barrier to entry is the complexity of the...
Topic: Recon,Security,Conference,search
Community Video
movies
eye 4,375
favorite 1
comment 0
Like a skilled native, the able seeker has become part of the web. He knows the smell of his forest: the foul smelling mud of the popups, the slime of a rotting commercial javascript. He knows the sounds of the web: the gentle rustling of the jpgs, the cries of the brightly colored mp3s that chase one another among the trees, singing as they go; the dark snuffling of the m4as, the different sounds and the rustling of the databases, the pathetic cry of the common user, a plaintive cooing that...
Topic: recon,Security,Conference,search
Community Video
movies
eye 1,095
favorite 0
comment 0
This presentation aims at showing WiFi trafic injection applications in order to practically demonstrate weaknesses of commonly deployed WiFi environments, aka WEP or open networks such as hotspots, for network itself and also for stations connected to it. A practical point of vue is adopted instead of giving another "WiFi is insecure" theorical brief. The first part will briefly present 802.11 basics so everyone can understand the whole stuff (management vs. data, how injection...
Topic: Recon,Security,Conference,wifi,wireless
Community Video
movies
eye 699
favorite 0
comment 0
The presentation will cover various issues regarding: protecting binaries against analysis license code implementation schemes modifications that can be made against a binary watermarking a binary This presentation will mainly focus on the Linux operating system, however, the ideas presented are applicable for other operating systems as well. The presentation is aimed to give a general high level overview with some examples to demonstrate the case in point. An indepth paper on these subjects is...
Topic: Recon,Security,Reverse Engineering,Conference
For some silly reason, people commonly think that libraries like "libpcap", "libdnet", and libnids" are difficult to use, yet they're not. developing skills with these libraries and combining them with "libevent" allows you to develop many networking tools and widgets such as scanners, sniffers, and other recon toolkits. this talk will introduce these libraries and show how they can be combined using event driven programming paradigms. the development language...
Topic: Recon,Security,Conference,python,libevent,libdnet,libnids,programming,network
Community Video
movies
eye 343
favorite 0
comment 0
Network scanners are a valuable resource in the security practitioner.s toolkit. They are used to actively probe a network in order to generate a snapshot of the current environment. However, they are not without limitations; they can be loud, resource intensive, and the results can be quickly outdated. During this presentation I will discuss how a passive scanner can be used to identify network traffic. Passive Asset Detection System (PADS) was designed to supplement active scanners by...
Topic: Recon,Security,Conference
Community Video
movies
eye 912
favorite 0
comment 0
People who are interested in maintaining situational awareness often deploy honeypots. However, there are whole classes of attacks for which honeypot devices are not very useful, due to their passive nature. Honeyclients are client-based applications that actively seek malicious servers to gather data for further analysis. This talk will focus on honeyclients, how they can be used, and will share interesting data that has been gathered with a honeyclient. As part of this presentation, an...
Topic: Honeypot,Honeyclient,Recon,Conference,Security
Registration number protections require the user to enter a registration number to register a software application. However, in most cases such a protection can be defeated easily by an in-depth analysis of the disassembled code or by tracing the applications execution using dynamic disassembly (debugging) techniques. Even there still is heavy use of simple XOR encryption methods, several software applications use high optimized cryptographic algorithms to prove the given input for validity....
Topic: Petrinet,Reverse Engineering,Recon,Security,Conference
Computers & Technology
movies
eye 1,217
favorite 0
comment 0
One of the most common examples of reverse engineering is malicious code analysis. In order to clean up after, and prevent further infection by a piece of malicious code, it must be analyzed. Such analysis is often used for generating IDS signatures, detemining exploits used (and hence which patches would be required) and writing detection modules for antivirus software. Usually, this must be done in as little time as possible. This presentation will cover two examples of popular Windows...
Topic: Recon,Security,Reverse Engineering,Conference
Community Video
movies
eye 384
favorite 0
comment 0
Users on the internet are doing more and more of their daily work over peer-to-peer applications. Existing protocols such as SMTP and IRC are being replaced by peer-to-peer file transfer, voice chat, and text messaging systems. Unfortunately, the popular protocols are not secure, and the secure protocols are not popular. In this talk, we will talk about the security properties of the existing peer-to-peer systems, as well as describing an open-source system in development, CUTLASS. CUTLASS aims...
Topic: Encrypted,P2P,voip,CUTLASS,Recon,Conference,Security
Community Video
movies
eye 595
favorite 0
comment 0
In today's world, closed-source software dominates the desktop and much of the server room. While a variety of tools and methodologies exist for security research in open-source software, binary analysis remains a mostly unexplored field. Post discovery and 0day vulnerability researchers heavily rely on reverse code engineering (RCE) to accomplish their work. The purpose of this talk is to introduce the art and science of "Process Stalking" to the general public. "Process...
Topic: Recon,Security,Reverse Engineering,Conference,Process Stalker
Community Video
Jan 7, 2006
movies
eye 2,799
favorite 1
comment 1
Recon is a security and reverse engineering conference located in montreal. All videos are encoded in xvid format.
favoritefavoritefavoritefavoritefavorite ( 1 reviews )
Topics: Reverse engineering, Recon, Conference, Security